LDAP User Sync Configuration

You can allow LDAP User Sync for NiFi by using Cloudera Manager safety valves for authorizers.xml to extend the configuration.

The user group provider, once defined, can be used to replace the default user group property for file access providers.

Property Name Description Property Value (Default)
xml.authorizers.userGroupProvider.ldap-user-group-provider.class org.apache.nifi.ldap.tenants.LdapUserGroupProvider
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Authentication Strategy SIMPLE
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Manager DN Identity of Manager DN for LDAP
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Manager Password LDAP Manager DN password
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Referral Strategy Referral Strategy FOLLOW
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Connect Timeout Connection Timeout 10 secs
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Read Timeout 10 secs
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Url LDAP URL (e.g. ldap://localhost:389)
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Page Size
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Sync Interval 1 min
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.User Search Base User Search Base
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.User Object Class Example (Person, PosixAccount)
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.User Search Scope ONE_LEVEL
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.User Search Filter
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.User Identity Attribute
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.User Group Name Attribute
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.User Group Name Attribute - Referenced Group Attribute
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Group Search Base
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Group Object Class
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Group Search Scope ONE_LEVEL
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Group Search Filter
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Group Name Attribute
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Group Member Attribute
xml.authorizers.userGroupProvider.ldap-user-group-provider.property.Group Member Attribute - Referenced User Attribute